Credit Union IT Governance

Our aim is to provide peace of mind to the oversight of IT within organisation, free your time to focus on the business functions and provide clarity to the operations of IT, documentation and service providers.

CUMA 2020 Conference Video

Many reports from the Central Bank and other financial regulatory institutions have highlighted risks that IT presents to credit unions due to lack of understanding, insufficient procedures and uneducated practices.

Information, Security, Asset Management & Change Management Policy

Information security is an integral part of credit union governance; while management is responsible for many aspects of it, ownership and accountability rests ultimately with the board of directors. Effective security ensures the confidentiality, accuracy and availability of credit union information and is achieved by maintaining awareness, understanding the risks, and taking action proactively to mitigate them.There are 4 primary documents to audit IT governance;

• Management Information Policy in Credit Unions
• Information Security Policy in Credit Unions
• Change Management Policy in Credit Unions
• Asset Management Policy in Credit Unions

Additional Information Policies are:

• Business Continuity Plan
• Outsourcing Policy

IT Governance

In the Credit Union sector, the primary sources of IT Governance are:

• Central Bank of Ireland Thematic & PRISM reports on IT Oversight and Cyber Security
• Demands from members for enhanced online user experience
• Competition from other financial institutions and providers
• Oversight and risk mitigation on IT systems, solutions and security

These risks and concerns are reflected in other sectors, but common theme’s outlined above, is relevant in all sectors.

The Central Bank report in 2018 on IT Risks in Credit Unions, “IT Risks in Credit Unions – Thematic Review Findings” assessed four areas to assess risks with in the sector.[1]